Hello,
A redaction policy has been created on the table column that is referred in the the sub query of the failing CTAS (Insert from select) command as below.
insert into <Table name> select * from <Table with Redaction policy>;
When you try to CTAS or insert from table ith redaction policy, you will get ORA-28081 error as below
SQL> insert into <Table name> select * from <Table with Redaction policy>;
insert into <Table name> select * from <Table with Redaction policy>
*
ERROR at line 1:
ORA-28081: Insufficient privileges – the command references a redacted object.
Users cannot perform a CREATE TABLE AS SELECT where any of the columns being selected (source columns) is protected by a Data Redaction policy (and similarly, any DML operation where the source is a redacted column). Redacted columns are not allowed as part of the CREATE TABLE AS SELECT where any of the columns being selected (source columns) is protected by a Data Redaction policy (and similarly, any DML operation where the source is a redacted column). This is product limitation by design. Solution to this problem is either convert the CTAS statements into a normal INSERT script. OR Grant the user EXEMPT REDACTION POLICY system privilege.
Users who have the INSERT privilege on a table can insert values into a redacted column, regardless of whether a Data Redaction policy exists on the table. Data Redaction only affects SQL SELECT statements (that is, queries) issued by a user, and has no effect on any other SQL issued by a user, including INSERT, UPDATE, or DELETE statements. But Users cannot perform a CREATE TABLE AS SELECT where any of the columns being selected (source columns) is protected by a Data Redaction policy (and similarly, any DML operation where the source is a redacted column), unless the user was granted the EXEMPT REDACTION POLICY system privilege.
Talip Hakan Ozturk's ORACLE BLOG 